CN102685142A - File authority control method, device and system - Google Patents

File authority control method, device and system Download PDF

Info

Publication number
CN102685142A
CN102685142A CN2012101618002A CN201210161800A CN102685142A CN 102685142 A CN102685142 A CN 102685142A CN 2012101618002 A CN2012101618002 A CN 2012101618002A CN 201210161800 A CN201210161800 A CN 201210161800A CN 102685142 A CN102685142 A CN 102685142A
Authority
CN
China
Prior art keywords
document
authorization attributes
service end
client
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012101618002A
Other languages
Chinese (zh)
Other versions
CN102685142B (en
Inventor
刘芳成
祝涛
张高原
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201210161800.2A priority Critical patent/CN102685142B/en
Publication of CN102685142A publication Critical patent/CN102685142A/en
Priority to PCT/CN2013/074895 priority patent/WO2013174195A1/en
Application granted granted Critical
Publication of CN102685142B publication Critical patent/CN102685142B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Document Processing Apparatus (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention relates to a file authority control method, device and system.. The file authority control method comprises the following steps of: after a client obtains a message that authority attribution information of a file is varied, sending the file to a server, sending a request message of setting an authority attribution of the file, and downloading the file after setting the authority attribution from the server, so as to access or monitor and trace the file; and after the server receives the request message of setting the authority attribution of the file, which is sent by the client, obtaining the authority attribution information of the file from a file list database, setting the authority attribution of the file, and storing the file after setting the authority attribution to an assigned position of a download catalogue, so that the client downloads the file. The file authority control method, device and system provided by the embodiment of the invention solve the uniform management and automatic synchronous update problems of the authority attribution information of the file.

Description

Document right control method, device and system
Technical field
The present invention relates to information security field, relate in particular to a kind of document right control method, device and system.
Background technology
In the information age, more and more enterprises uses a computer and creates and handle e commerce transactions information, and electronic information exists by the danger of intercepting and capturing, illegally obtaining, so information security just seems particularly important.For the document resources of industry inside, generally through the control that conducts interviews of the mode to the additional Authorization Attributes of document.
Under prior art, when client is checked the document that authority has been set in the server,, obtain and preserve the authority that the user has the document from server according to user's information; Client is added sign in the filename of document, and in the corresponding process of the document opening document; Set up and preserve the corresponding relation of the authority that document window handle, the document and this user have the document according to sign; The user searches in the corresponding relation of preserving according to the window handle of current operation document, the authority that acquisition has current operation document, and according to the operation of this control of authority user to current document.
Under prior art, when the Authorization Attributes of a certain document need change, can not realize all copies of the document are upgraded simultaneously, and before the user opens the document, can not know the document security information accurately.In addition, under prior art, system can't monitor tracking to document, exists the unauthorized personnel to transmit and the risk of the document that leaks.
Summary of the invention
The embodiment of the invention provides a kind of document right control method, device and system, has realized the unified management of document Authorization Attributes information and renewal synchronously automatically.
First aspect, the embodiment of the invention provide a kind of document right control method, and said method comprises:
Receive the request message of the Authorization Attributes that document is set of client transmission, carry the identification information of said document in the described request message;
According to the identification information of said document, obtain the Authorization Attributes information of said document;
According to the Authorization Attributes information of said document, the Authorization Attributes of said document is set, obtain authorisation document;
Said authorisation document is saved in the indicated position of download directory, so that the said authorisation document of said client downloads.
Second aspect, the embodiment of the invention provide a kind of document right control method, and said method comprises:
Client is sent the query messages of the Authorization Attributes information be used to inquire about document to service end;
Receive the response message that said service end is sent to said query messages;
Said response message is that Authorization Attributes and the source Authorization Attributes of document is when inequality; Send said document to said service end; And sending the request message of the Authorization Attributes that said document is set, said source Authorization Attributes is the Authorization Attributes of the said document preserved in this locality of said client;
Download the said document that is provided with behind the Authorization Attributes from said service end, follow the tracks of said document in order to visit or monitoring.
The third aspect, the embodiment of the invention provide a kind of document control of authority device, and said device comprises:
First receiving element is used to receive the request message of the Authorization Attributes that document is set that client sends, and carries the identification information of said document in the described request message;
Acquiring unit is used for the identification information according to said document, obtains the Authorization Attributes information of said document;
The unit is set, is used for Authorization Attributes information, the Authorization Attributes of said document is set, obtain authorisation document according to said document;
Memory cell is used for said authorisation document is saved in the indicated position of download directory, so that the said authorisation document of said client downloads.
Fourth aspect, the embodiment of the invention provide a kind of document control of authority device, and said device comprises:
Transmitting element is used for sending to service end the query messages of the Authorization Attributes be used to inquire about document;
Receiving element is used to receive the response message that said service end is sent to said query messages;
First processing unit; Be used for Authorization Attributes that said response message is a document and source Authorization Attributes when inequality; Send said document to said service end; And sending the request message of the Authorization Attributes that said document is set, said source Authorization Attributes is the Authorization Attributes of the said document preserved in this locality of said client;
Download unit is used for downloading the said document that is provided with behind the Authorization Attributes from said service end, follows the tracks of said document in order to visit or monitoring.
The 5th aspect, the embodiment of the invention provide a kind of document authority control system, and said system comprises above-mentioned document control of authority device and document inventory database.
In the embodiment of the invention; In the document authority control system, client is sent the query messages of document Authorization Attributes information to service end, if document Authorization Attributes and source Authorization Attributes are inequality; Send the document to service end, and send the request message of the Authorization Attributes that the document is set; After the Authorization Attributes of document has been set in service end, download the document, follow the tracks of the document in order to visit or monitoring from service end; Service end receives the request message of the Authorization Attributes that document is set of client transmission, in the document inventory database, obtains the Authorization Attributes information of document; According to this Authorization Attributes information, the Authorization Attributes of the document is set, obtain authorisation document; Then this authorisation document is saved in the indicated position of download directory, in order to the said authorisation document of said client downloads.Realized the Authorization Attributes information of unified management document thus, document has been authorized, promptly realized the unified management of document Authorization Attributes information and renewal synchronously automatically by service end.
Description of drawings
The flow chart of a kind of document right control method that Fig. 1 provides for the embodiment of the invention;
The flow chart of the another document right control method that Fig. 2 provides for the embodiment of the invention;
The application interaction figure of a kind of document authority control system that Fig. 3 provides for the embodiment of the invention;
A kind of document authority control system Organization Chart that Fig. 4 provides for the embodiment of the invention;
A kind of document control of authority schematic representation of apparatus that Fig. 5 provides for the embodiment of the invention;
The another document control of authority schematic representation of apparatus that Fig. 6 provides for the embodiment of the invention.
Embodiment
Through accompanying drawing and embodiment, technical scheme of the present invention is done further detailed description below.
In the embodiment of the invention,, be difficult to know the accurate security information of document, can not carry out the shortcoming that behavior monitoring is followed the tracks of, a kind of document right control method, device and system are provided document to being difficult to unified management for same piece of writing document under the prior art.Wherein, client is sent the query messages of document Authorization Attributes information to service end, if document Authorization Attributes and source Authorization Attributes are inequality, sends the document to service end, and sends the request message of the Authorization Attributes that the document is set; After the Authorization Attributes of document has been set in service end, download the document, follow the tracks of the document in order to visit or monitoring from service end; Service end receives the request message of the Authorization Attributes that document is set of client transmission, in the document inventory database, obtains the Authorization Attributes information of document; According to this Authorization Attributes information, the Authorization Attributes of the document is set, obtain authorisation document; Then this authorisation document is saved in the indicated position of download directory, in order to the said authorisation document of said client downloads.Realized the Authorization Attributes information of unified management document thus, document has been authorized, promptly realized the unified management of document Authorization Attributes information and renewal synchronously automatically by service end.
The flow chart of a kind of document right control method that Fig. 1 provides for the embodiment of the invention.The present embodiment main body is a service end, wherein describes service end is carried out the setting of Authorization Attributes to document process in detail.As shown in Figure 1, present embodiment may further comprise the steps:
Step 101, service end receive the request message of the Authorization Attributes that document is set of client transmission, carry the identification information of said document in the described request message.
In the present embodiment, client can be repository, or personal computer PC, or the product data management end (Product Data Management, PDM).Service end is used to document setup Authorization Attributes information.
Because the setting of document Authorization Attributes is to be accomplished by service end, so service end also can receive the document that Authorization Attributes need be set before the request message of the Authorization Attributes that document is set that receives the client transmission.The document that service end receives possibly be the document behind the compress-encrypt, therefore after receiving document, can at first decipher decompression to the document.
Certainly, when client has just been created document or got access to the information that the Authorization Attributes information of document changes, solicited message from the Authorization Attributes that document is set to service end that can send, requesting client is provided with the Authorization Attributes of document.
The method that client is obtained the information that the Authorization Attributes information of document changes is: for pc client; When the document of the local preservation of pc client visit; If situation about can not visit has taken place; Then can send the query messages of the Authorization Attributes information of document to service end, whether the Authorization Attributes information that service end is obtained document through inquiry document inventory database variation has taken place, and sends Query Result to client; For repository; Owing to preserved a large amount of documents in the repository; Therefore repository can circulate and send the query messages of the Authorization Attributes information of document to service end; And receive the response message that service end is sent, realized that thus repository in time obtains document Authorization Attributes change in information situation, and in time revised the Authorization Attributes information of document automatically through the operating procedure of back; PDM client and repository are similar; Wherein also preserved a large amount of documents; Therefore can circulate and send the query messages of the Authorization Attributes information of document to service end; And receive the response message that service end is sent, realized that thus the PDM client can in time obtain document Authorization Attributes change in information situation.
Preferably; Service end is also comprising before the request message that receives the Authorization Attributes information that document is set that client sends: after receiving the query messages of Authorization Attributes information of the said document of inquiry that said client sends, send the response message to said query messages to said client.
The Authorization Attributes information of document can for: advanced level user has total-control authority to the document, and intermediate users has the modification authority to the document, and domestic consumer has read-only authority etc. to the document.
Step 102, service end are obtained the Authorization Attributes information of said document according to the identification information of said document.
The identification information of the document that carries in the request message of service end according to the Authorization Attributes that document is set is inquired about the document inventory database, therefrom obtains the Authorization Attributes information of the document.
Need to prove that the Authorization Attributes of document, is kept at the Authorization Attributes information of amended document in the document inventory database when keeper will revise the Authorization Attributes information of document by the unified control of system manager in the present embodiment.Preserved the Authorization Attributes information that the user of different stage has said document in the document inventory database.
Step 103, service end are provided with the Authorization Attributes of said document according to the Authorization Attributes information of said document, obtain authorisation document.
Certainly, get access to the Authorization Attributes information of document in service end after, can Authorization Attributes be set to the document, obtain authorisation document.
Need to prove that present embodiment does not limit the method that service end is provided with document Authorization Attributes information, as long as realized service end the Authorization Attributes of document is set.
Step 104, service end is saved in the indicated position of download directory with said authorisation document, so that the said authorisation document of said client downloads.
After service end has been accomplished being provided with of document Authorization Attributes information, can compress and encrypt this authorisation document, and the document storing after will compressing and encrypt be to download directory.
Certainly; Service end also can receive the query messages whether search access right attribute information that client sends is provided with completion; After service end was returned the response message of accomplishing the Authorization Attributes setting to client, client can be downloaded this authorisation document from the download directory of service end.
In the embodiment of the invention, service end receives the request message of the Authorization Attributes that document is set of client transmission, in the document inventory database, obtains the Authorization Attributes information of document; According to this Authorization Attributes information, the Authorization Attributes of the document is set, obtain authorisation document; Then this authorisation document is saved in the indicated position of download directory, in order to the said authorisation document of said client downloads.Realized thus by service end document being authorized, promptly realized the unified management of document Authorization Attributes and renewal synchronously automatically by the Authorization Attributes information of system operator unified management document.
How what the foregoing description was described carries out the setting of Authorization Attributes to document for service end, and following embodiment describes the process that client is upgraded the document Authorization Attributes synchronously.The flow chart of the another document right control method that Fig. 2 provides for the embodiment of the invention.The present embodiment main body is a client, wherein describes the process that client is upgraded the document Authorization Attributes synchronously in detail.As shown in Figure 2, present embodiment may further comprise the steps:
Step 201, client are sent the query messages of the Authorization Attributes information be used to inquire about document to service end.
Client can be repository, or pc client, or the PDM client.
For repository; Owing to preserved a large amount of documents in the repository; Therefore repository can circulate and send the query messages of the Authorization Attributes information of document to service end; And receive the response message that service end is sent, repository can in time obtain document Authorization Attributes change in information situation thus, and through after state the Authorization Attributes information that document is in time upgraded in operation automatically.For pc client; Because the number of documents of storing in the personal computer PC is little; Therefore individual pc client just can send the query messages of the Authorization Attributes information of document to service end in the time can't visiting certain document, in order to the Authorization Attributes information of obtaining document whether variation has taken place.PDM client and repository are similar; Wherein also preserved a large amount of documents; Therefore can circulate and send the query messages of the Authorization Attributes information of document to service end; And receive the response message that service end is sent, realized that thus the PDM client can in time obtain document Authorization Attributes change in information situation.
Step 202, client receive the response message that said service end is sent to said query messages.
Certainly, behind the inquiry request message of service end sending permission attribute information, service end will be sent response message in client, carry the information whether the Authorization Attributes information of document changes in the response message.
Step 203; Said response message is that Authorization Attributes and the source Authorization Attributes of document is when inequality; Client is sent said document to said service end; And sending the request message of the Authorization Attributes that said document is set, said source Authorization Attributes is the Authorization Attributes of the said document preserved in this locality of said client.
According to said response message, during the Authorization Attributes that client draws document and the source Authorization Attributes of local the document of preserving conclusion inequality, client is sent the document to service end, and the request service end is provided with the Authorization Attributes information of the document.
According to said response message, during the identical conclusion of the source Authorization Attributes of the Authorization Attributes that client draws document and local the document of preserving, client will continue visit or the said document of monitoring tracking.It is management document for ease that client is followed the tracks of document.
Step 204, client is downloaded the document that is provided with behind the Authorization Attributes from said service end, follows the tracks of said document in order to visit or monitoring.
After the Authorization Attributes of document is set in the client-requested service end; Client will be sent the query messages whether the search access right attribute has been provided with completion to service end; And the response message of reception service end; If service end has been accomplished the setting of Authorization Attributes, then client is downloaded the document be provided with behind the Authorization Attributes from service end, in order to visit or follow the tracks of.
In the embodiment of the invention, client is sent the query messages of document Authorization Attributes information to service end, if when document Authorization Attributes and source Authorization Attributes are inequality, send the document to service end, and transmission is provided with the request message of the Authorization Attributes of the document; After the Authorization Attributes of document has been set in service end, download the document, follow the tracks of the document in order to visit or monitoring from service end.Realized in the document inventory database being Authorization Attributes information when changing thus, client is upgraded document Authorization Attributes information automatically synchronously, and has realized that the monitoring of document follows the tracks of.
Above-mentioned two embodiment have described service end respectively and have carried out the process of document Authorization Attributes setting and the process that client is upgraded the document Authorization Attributes synchronously, and following embodiment describes the information interactive process between client in the document authority control system, service end and the document inventory database.The application interaction figure of a kind of document authority control system that Fig. 3 provides for the embodiment of the invention.As shown in Figure 3, the application interaction process in the document authority control system is following:
Step 301, the document that client will be provided with Authorization Attributes uploads to service end.
Client will ask service end to carry out the setting of document Authorization Attributes information after newly creating document or getting access to the information that the document Authorization Attributes changes, and the document that therefore Authorization Attributes can will be set is earlier uploaded onto the server.The document can be with compress-encrypt pass to service end in form.
Step 302, client are sent the request message of the Authorization Attributes that document is set to service end.
In the embodiment of the invention; Authorization Attributes for the unified management document; Carry out the setting of Authorization Attributes information by service end; When therefore the system manager revised the Authorization Attributes information of document, the request message that client will be sent the document Authorization Attributes to service end was carried out the setting of Authorization Attributes information to the document unification by service end.
Step 303, service end inquiry document inventory database is obtained the corresponding Authorization Attributes information of the document.
When the system manager revises the Authorization Attributes information of document; To be saved in amended Authorization Attributes information in the document inventory database; Therefore service end receive document Authorization Attributes information that client sends request message is set after; Can inquire about the document inventory database, obtain the corresponding Authorization Attributes information of the document.
A kind of document authority control system Organization Chart that Fig. 4 provides for the embodiment of the invention.As shown in Figure 4, the document authority control system is made up of client, service end and document inventory database.Client can be PC, repository, PDM; Service end is used for carrying out the document mandate; Preserved the Authorization Attributes information of document in the document inventory database, the system manager has been kept at the Authorization Attributes information of document in this database.
Step 304, service end is authorized document according to the Authorization Attributes information of document.
Service end can be provided with Authorization Attributes to the document after getting access to the Authorization Attributes information of document, obtain authorisation document.After service end has been accomplished being provided with of document Authorization Attributes information, can compress and encrypt this authorisation document, and the document storing after will compressing and encrypt be to the indicated position of download directory.
Step 305, client is sent the query messages whether the search access right attribute has been provided with completion to service end.
After the Authorization Attributes information of document is set in the client-requested service end, client will be sent the query messages whether the search access right attribute has been provided with completion to service end after the regular hour.
Step 306, service end are sent to client and have been accomplished the response message that the document Authorization Attributes is provided with.
Step 307, client are downloaded from service end and are accomplished the authorisation document that Authorization Attributes is provided with.
If service end has been accomplished the setting of Authorization Attributes, then client is downloaded the document be provided with after the Authorization Attributes information from service end, in order to visit or follow the tracks of.
In the embodiment of the invention, when client needed service end to carry out being provided with of document Authorization Attributes, the document that Authorization Attributes can will be set sent to service end, and sent the request message of the Authorization Attributes that document is set to service end; Service end is obtained the Authorization Attributes information of document in the document inventory database, and is the document mandate; Client is downloaded the document of accomplishing mandate from service end after the information of obtaining the setting of service end completion document Authorization Attributes.The embodiment of the invention has realized that client is through the synchronous automatically document Authorization Attributes information of upgrading of service end thus.
A kind of document control of authority schematic representation of apparatus that Fig. 5 provides for the embodiment of the invention.As shown in Figure 5, present embodiment comprises with lower unit:
First receiving element 501 is used to receive the request message of the Authorization Attributes that document is set that client sends, and carries the identification information of said document in the described request message.
In the present embodiment, client can be repository, or personal computer PC, or the product data management end (Product Data Management, PDM).Service end is used to the document setup Authorization Attributes.
Certainly, when client has just been created document or got access to the information that the Authorization Attributes of document changes, solicited message from the Authorization Attributes that document is set to service end that can send, requesting client is provided with the Authorization Attributes of document.
Acquiring unit 502 is used for the identification information according to said document, obtains the Authorization Attributes information of said document.
Acquiring unit 502 specifically is used for the identification information according to said document, in the document inventory database, obtains the Authorization Attributes information of said document; Said document inventory database is used to preserve the Authorization Attributes information that the user of different stage has said document.
The identification information of the document that carries in the request message of service end according to the Authorization Attributes that document is set is inquired about the document inventory database, therefrom obtains the Authorization Attributes information of the document.
Need to prove that the Authorization Attributes of document, is kept at the Authorization Attributes information of amended document in the document inventory database when keeper will revise the Authorization Attributes information of document by the unified control of system manager in the present embodiment.
Unit 503 is set, is used for Authorization Attributes information, the Authorization Attributes of said document is set, obtain authorisation document according to said document.
Memory cell 504 is used for said authorisation document is saved in the indicated position of download directory, so that the said authorisation document of said client downloads.
After service end has been accomplished being provided with of document Authorization Attributes, can compress and encrypt this authorisation document, and the document storing after will compressing and encrypt be to the indicated position of download directory.
Certainly; Service end also can receive the query messages whether search access right attribute that client sends is provided with completion; After service end was returned the response message of accomplishing the Authorization Attributes setting to client, client can be downloaded this authorisation document from the indicated position of the download directory of service end.
Preferably, the embodiment of the invention also comprises: second receiving element 505 is used to receive the said document that Authorization Attributes need be set.
Because the setting of document Authorization Attributes is to be accomplished by service end, so service end also can receive the document that Authorization Attributes information need be set before the request message of the Authorization Attributes that document is set that receives the client transmission.The document that service end receives possibly be the document behind the compress-encrypt, therefore after receiving document, can at first decipher decompression to the document.
The embodiment of the invention also comprises: the 3rd receiving element 506 is used to receive the query messages of the Authorization Attributes of the said document of inquiry that said client sends; Transmitting element 507 is used for sending the response message to said query messages to said client.
In the embodiment of the invention, service end receives the request message of the Authorization Attributes that document is set of client transmission, in the document inventory database, obtains the Authorization Attributes information of document; According to this Authorization Attributes information, the Authorization Attributes of the document is set, in order to obtain authorisation document; Then this authorisation document is saved in the indicated position of download directory, in order to the said authorisation document of said client downloads.Realized thus by service end document being authorized, promptly realized the unified management of document Authorization Attributes information and renewal synchronously automatically by the Authorization Attributes information of system operator unified management document.
What the foregoing description was described is that a kind of document control of authority device carries out the process that Authorization Attributes is provided with to document, and following embodiment describes the process that another kind of document control of authority device upgrades the document Authorization Attributes synchronously.The another document control of authority schematic representation of apparatus that Fig. 6 provides for the embodiment of the invention.As shown in Figure 6, present embodiment comprises with lower unit:
Transmitting element 601 is used for client is sent query messages from the Authorization Attributes information be used to inquire about document to service end.
Client can be repository, or pc client, or the PDM client.
For repository; Owing to preserved a large amount of documents in the repository; Therefore repository can circulate and send the query messages of the Authorization Attributes information of document to service end; And receive the response message that service end is sent, repository can in time obtain document Authorization Attributes change in information situation thus, and through after state the Authorization Attributes information that document is in time upgraded in operation automatically.For pc client; Because the number of documents of storing in the personal computer PC is little; Therefore individual pc client just can send the query messages of the Authorization Attributes information of document to service end in the time can't visiting certain document, in order to the Authorization Attributes information of obtaining document whether variation has taken place.PDM client and repository are similar; Wherein also preserved a large amount of documents; Therefore can circulate and send the query messages of the Authorization Attributes information of document to service end; And receive the response message that service end is sent, realized that thus the PDM client can in time obtain document Authorization Attributes change in information situation.
Receiving element 602 is used to receive the response message that said service end is sent to said query messages.
Certainly, behind the inquiry request message of service end sending permission attribute information, service end will be sent response message in client, carry the information whether the Authorization Attributes information of document changes in the response message.
First processing unit 603; Be used for Authorization Attributes that said response message is said document and source Authorization Attributes when inequality; Send said document to said service end; And sending the request message of the Authorization Attributes that said document is set, said source Authorization Attributes is the Authorization Attributes of the said document preserved in this locality of said client.
Download unit 604 is used for downloading the said document that is provided with behind the Authorization Attributes from said service end, follows the tracks of said document in order to visit or monitoring.
After the Authorization Attributes information of document is set in the client-requested service end; Client will be sent the query messages whether the search access right attribute information has been provided with completion to service end; And the response message of reception service end; If service end has been accomplished the setting of Authorization Attributes, then client is downloaded the document be provided with after the Authorization Attributes information from service end, in order to visit or follow the tracks of.
Preferably, the embodiment of the invention also comprises: second processing unit 605, be used for said response message and be the Authorization Attributes of document when identical with the source Authorization Attributes, and said document is followed the tracks of in visit or monitoring.
The embodiment of the invention also comprises: acquiring unit 606, and be used to obtain said service end and accomplish the information that Authorization Attributes is provided with, accomplish the document that Authorization Attributes is provided with in order to download from said service end.
In the embodiment of the invention, client is sent the query messages of document Authorization Attributes information to service end, if when document Authorization Attributes and source Authorization Attributes are inequality, send the document to service end, and transmission is provided with the request message of the Authorization Attributes of the document; After the Authorization Attributes of document has been set in service end, download the document, follow the tracks of the document in order to visit or monitoring from service end.When the Authorization Attributes information in the document inventory database of having realized thus changed, client was upgraded the document Authorization Attributes automatically synchronously, and had realized that the monitoring of document follows the tracks of.
The embodiment of the invention also provides a kind of document authority control system, and this system has implanted the document right control method that the embodiment of the invention provides, and comprises document control of authority device, also comprises the document inventory database.In the document authority control system, client is sent the query messages of document Authorization Attributes information to service end, if document Authorization Attributes and source Authorization Attributes are inequality, sends the document to service end, and sends the request message of the Authorization Attributes that the document is set; After the Authorization Attributes of document has been set in service end, download the document, follow the tracks of the document in order to visit or monitoring from service end; Service end receives the request message of the Authorization Attributes that document is set of client transmission, in the document inventory database, obtains the Authorization Attributes information of document; According to this Authorization Attributes information, the Authorization Attributes of the document is set, obtain authorisation document; Then this authorisation document is saved in the indicated position of download directory, in order to the said authorisation document of said client downloads.Realized the Authorization Attributes information of unified management document thus, document has been authorized, promptly realized the unified management of document Authorization Attributes information and renewal synchronously automatically by service end.Therefore, the document authority control system that provides of the embodiment of the invention is also in protection scope of the present invention.
The professional should further recognize; The unit and the algorithm steps of each example of describing in conjunction with embodiment disclosed herein; Can realize with electronic hardware, computer software or the combination of the two; For the interchangeability of hardware and software clearly is described, the composition and the step of each example described prevailingly according to function in above-mentioned explanation.These functions still are that software mode is carried out with hardware actually, depend on the application-specific and the design constraint of technical scheme.The professional and technical personnel can use distinct methods to realize described function to each certain applications, but this realization should not thought and exceeds scope of the present invention.
The software module that the method for describing in conjunction with embodiment disclosed herein or the step of algorithm can use hardware, processor to carry out, perhaps the combination of the two is implemented.Software module can place the storage medium of any other form known in random asccess memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or the technical field.
Above-described embodiment; The object of the invention, technical scheme and beneficial effect have been carried out further explain, and institute it should be understood that the above is merely embodiment of the present invention; And be not used in qualification protection scope of the present invention; All within spirit of the present invention and principle, any modification of being made, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (15)

1. a document right control method is characterized in that, said method comprises:
Receive the request message of the Authorization Attributes that document is set of client transmission, carry the identification information of said document in the described request message;
According to the identification information of said document, obtain the Authorization Attributes information of said document;
According to the Authorization Attributes information of said document, the Authorization Attributes of said document is set, obtain authorisation document;
Said authorisation document is saved in the indicated position of download directory, so that the said authorisation document of said client downloads.
2. document right control method as claimed in claim 1 is characterized in that, also comprise before the request message of the Authorization Attributes information that document is set that said reception client is sent: reception need be provided with the said document of Authorization Attributes.
3. document right control method as claimed in claim 1 is characterized in that, also comprises before the request message of the Authorization Attributes that document is set that said reception client is sent:
Receive the query messages of the Authorization Attributes information of the said document of inquiry that said client sends;
Send said response message to said client to said query messages.
4. like each described document right control method of claim 1 to 3; It is characterized in that; Said identification information according to said document; The Authorization Attributes information of obtaining said document is specially: according to the identification information of said document, in the document inventory database, obtain the Authorization Attributes information of said document; Said document inventory database is used to preserve the Authorization Attributes information that the user of different stage has said document.
5. a document right control method is characterized in that, said method comprises:
Client is sent the query messages of the Authorization Attributes information be used to inquire about document to service end;
Receive the response message that said service end is sent to said query messages;
Said response message is that Authorization Attributes and the source Authorization Attributes of said document is when inequality; Send said document to said service end; And sending the request message of the Authorization Attributes that said document is set, said source Authorization Attributes is the Authorization Attributes of the said document preserved in this locality of said client;
Download the said document that is provided with behind the Authorization Attributes from said service end, follow the tracks of said document in order to visit or monitoring.
6. document right control method as claimed in claim 5; It is characterized in that; Also comprise after the response message that the said service end of said reception is sent to said query messages: said response message is the Authorization Attributes of document when identical with the source Authorization Attributes, visit or the said document of monitoring tracking.
7. like claim 5 or 6 described document right control methods; It is characterized in that; The request message that said transmission is provided with the Authorization Attributes of said document also comprises afterwards: obtain said service end and accomplish the information that Authorization Attributes is provided with, in order to download the document of accomplishing the Authorization Attributes setting from said service end.
8. document control of authority device is characterized in that said device comprises:
First receiving element is used to receive the request message of the Authorization Attributes that document is set that client sends, and carries the identification information of said document in the described request message;
Acquiring unit is used for the identification information according to said document, obtains the Authorization Attributes information of said document;
The unit is set, is used for Authorization Attributes information, the Authorization Attributes of said document is set, obtain authorisation document according to said document;
Memory cell is used for said authorisation document is saved in the indicated position of download directory, so that the said authorisation document of said client downloads.
9. document control of authority device as claimed in claim 8 is characterized in that said device also comprises: second receiving element is used to receive the said document that Authorization Attributes need be set.
10. document control of authority device as claimed in claim 8 is characterized in that said device also comprises:
The 3rd receiving element is used to receive the query messages of the Authorization Attributes of the said document of inquiry that said client sends;
Transmitting element is used for sending the response message to said query messages to said client.
11., it is characterized in that said acquiring unit specifically is used for:, in the document inventory database, obtain the Authorization Attributes information of said document according to the identification information of said document like each described document control of authority device of claim 8-10; Said document inventory database is used to preserve the Authorization Attributes information that the user of different stage has said document.
12. a document control of authority device is characterized in that said device comprises:
Transmitting element is used for client is sent query messages from the Authorization Attributes be used to inquire about document to service end;
Receiving element is used to receive the response message that said service end is sent to said query messages;
First processing unit; Be used for Authorization Attributes that said response message is said document and source Authorization Attributes when inequality; Send said document to said service end; And sending the request message of the Authorization Attributes that said document is set, said source Authorization Attributes is the Authorization Attributes of the said document preserved in this locality of said client;
Download unit is used for downloading the said document that is provided with behind the Authorization Attributes from said service end, follows the tracks of said document in order to visit or monitoring.
13. document control of authority device as claimed in claim 12 is characterized in that said device also comprises: second processing unit, be used for said response message and be the Authorization Attributes of document when identical with the source Authorization Attributes, said document is followed the tracks of in visit or monitoring.
14. like claim 12 or 13 described document control of authority devices; It is characterized in that; Said device also comprises: acquiring unit, and be used to obtain said service end and accomplish the information that Authorization Attributes is provided with, accomplish the document that Authorization Attributes is provided with in order to download from said service end.
15. a document authority control system, said system comprises any described document control of authority device like claim 8-14, and the document inventory database.
CN201210161800.2A 2012-05-23 2012-05-23 File authority control method, device and system Active CN102685142B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210161800.2A CN102685142B (en) 2012-05-23 2012-05-23 File authority control method, device and system
PCT/CN2013/074895 WO2013174195A1 (en) 2012-05-23 2013-04-27 Document authority control method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210161800.2A CN102685142B (en) 2012-05-23 2012-05-23 File authority control method, device and system

Publications (2)

Publication Number Publication Date
CN102685142A true CN102685142A (en) 2012-09-19
CN102685142B CN102685142B (en) 2015-07-08

Family

ID=46816505

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210161800.2A Active CN102685142B (en) 2012-05-23 2012-05-23 File authority control method, device and system

Country Status (2)

Country Link
CN (1) CN102685142B (en)
WO (1) WO2013174195A1 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013174195A1 (en) * 2012-05-23 2013-11-28 华为技术有限公司 Document authority control method, device and system
CN103595621A (en) * 2013-11-20 2014-02-19 吉林大学 Message processing method and device in PDM system
CN104504079A (en) * 2014-12-24 2015-04-08 盐城工学院 Drawing and document data outgoing method based on PDM (pulse duration modulation)
CN105426373A (en) * 2014-09-19 2016-03-23 阿里巴巴集团控股有限公司 Database synchronization method and device
CN106649235A (en) * 2016-11-29 2017-05-10 中科曙光信息技术无锡有限公司 Cooperative document processing method
CN107517176A (en) * 2016-06-15 2017-12-26 杭州昕派科技有限公司 File security delivery system and method based on Bluetooth beacon
CN108009444A (en) * 2017-12-15 2018-05-08 广州市齐明软件科技有限公司 Authority control method, device and the computer-readable recording medium of full-text search
CN110032840A (en) * 2019-04-16 2019-07-19 广东欧谱曼迪科技有限公司 A kind of method of the medical instrument access privilege control of pair of external storage equipment
CN111460432A (en) * 2020-04-02 2020-07-28 北京字节跳动网络技术有限公司 Online document authority control method, device, equipment and computer readable medium
CN112765105A (en) * 2021-04-09 2021-05-07 杭州天谷信息科技有限公司 File tracking optimization system and method
CN113420331A (en) * 2021-06-30 2021-09-21 建信金融科技有限责任公司 Method and device for managing file downloading permission

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626378A (en) * 2009-08-14 2010-01-13 成都市华为赛门铁克科技有限公司 Method, device and system for managing authority information
CN102281141A (en) * 2011-07-26 2011-12-14 成都市华为赛门铁克科技有限公司 Document permission management method, apparatus and system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4347123B2 (en) * 2003-05-02 2009-10-21 キヤノン株式会社 Document processing system, document processing method, computer-readable storage medium, and program
CN102064953A (en) * 2009-11-12 2011-05-18 中兴通讯股份有限公司 System, device and method for configuring user right information of lightweight directory access protocol (ldap) server
CN102685142B (en) * 2012-05-23 2015-07-08 华为技术有限公司 File authority control method, device and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626378A (en) * 2009-08-14 2010-01-13 成都市华为赛门铁克科技有限公司 Method, device and system for managing authority information
CN102281141A (en) * 2011-07-26 2011-12-14 成都市华为赛门铁克科技有限公司 Document permission management method, apparatus and system

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013174195A1 (en) * 2012-05-23 2013-11-28 华为技术有限公司 Document authority control method, device and system
CN103595621A (en) * 2013-11-20 2014-02-19 吉林大学 Message processing method and device in PDM system
CN103595621B (en) * 2013-11-20 2016-06-22 吉林大学 The method and apparatus of Message Processing in a kind of PDM system
CN105426373B (en) * 2014-09-19 2019-06-07 阿里巴巴集团控股有限公司 A kind of database synchronization method and equipment
CN105426373A (en) * 2014-09-19 2016-03-23 阿里巴巴集团控股有限公司 Database synchronization method and device
CN104504079A (en) * 2014-12-24 2015-04-08 盐城工学院 Drawing and document data outgoing method based on PDM (pulse duration modulation)
CN104504079B (en) * 2014-12-24 2017-12-29 盐城工学院 A kind of picture and text file data outgoing method based on PDM
CN107517176A (en) * 2016-06-15 2017-12-26 杭州昕派科技有限公司 File security delivery system and method based on Bluetooth beacon
CN106649235A (en) * 2016-11-29 2017-05-10 中科曙光信息技术无锡有限公司 Cooperative document processing method
CN108009444A (en) * 2017-12-15 2018-05-08 广州市齐明软件科技有限公司 Authority control method, device and the computer-readable recording medium of full-text search
CN110032840A (en) * 2019-04-16 2019-07-19 广东欧谱曼迪科技有限公司 A kind of method of the medical instrument access privilege control of pair of external storage equipment
CN110032840B (en) * 2019-04-16 2022-12-02 广东欧谱曼迪科技有限公司 Method for controlling access authority of medical apparatus of external storage device
CN111460432A (en) * 2020-04-02 2020-07-28 北京字节跳动网络技术有限公司 Online document authority control method, device, equipment and computer readable medium
CN111460432B (en) * 2020-04-02 2023-05-19 抖音视界有限公司 On-line document authority control method, device, equipment and computer readable medium
CN112765105A (en) * 2021-04-09 2021-05-07 杭州天谷信息科技有限公司 File tracking optimization system and method
CN112765105B (en) * 2021-04-09 2021-11-09 杭州天谷信息科技有限公司 File tracking optimization system and method
CN113420331A (en) * 2021-06-30 2021-09-21 建信金融科技有限责任公司 Method and device for managing file downloading permission

Also Published As

Publication number Publication date
CN102685142B (en) 2015-07-08
WO2013174195A1 (en) 2013-11-28

Similar Documents

Publication Publication Date Title
CN102685142B (en) File authority control method, device and system
US11108863B2 (en) Tag operating system
CN107196788B (en) Method and device for processing buried point data, server and client
US20190036928A1 (en) Data access and ownership management
US20200364525A1 (en) Rf tag operating system with iot connector core
US9910895B2 (en) Push subscriptions
CN108369622A (en) Software container registration table service
US8204949B1 (en) Email enabled project management applications
CN105493435A (en) Virtual service provider zones
CN106559427B (en) Data storage and data transmission system
CN105095786A (en) Platform to build secure mobile collaborative applications using dynamic presentation and data configurations
US20180074808A1 (en) Software update system, firmware over the air updating system and method of updating a client device
CN107545048B (en) Processing method and device for encrypted compressed file
WO2015179242A1 (en) Methods and apparatus for identifying browser use on a mobile device
US8579187B2 (en) System and method to identify machine-readable codes
CN109120636A (en) The method and server device that content access request is authorized
WO2019157122A1 (en) Rf tag operating system with iot connector core
US9665732B2 (en) Secure Download from internet marketplace
WO2019079799A1 (en) System and method for data management
KR101666064B1 (en) Apparatus for managing data by using url information in a distributed file system and method thereof
CN103200276A (en) File security control method and device
US9621424B2 (en) Providing a common interface for accessing and presenting component configuration settings
CN107919989A (en) A kind of application upgrade method, apparatus and terminal device
CN113326506B (en) Applet monitoring method and device
CN112559250B (en) Configuration data backup method and device for electric power Internet of things

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant